| Question.16 A security analyst has been tasked with providing key information in the risk register. Which of the following outputs or results would be used to BEST provide the information needed to determine the security posture for a risk decision? (Choose two.) (A) Password cracker (B) SCAP scanner (C) Network traffic analyzer (D) Vulnerability scanner (E) Port scanner (F) Protocol analyzer |
16. Click here to View Answer
Answer: BD
| Question.17 A security analyst sees that a hacker has discovered some keys and they are being made available on a public website. The security analyst is then able to successfully decrypt that data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data? (A) Key rotation (B) Key escrow (C) Zeroization (D) Cryptographic obfuscation |
17. Click here to View Answer
Answer: B
| Question.18 A security manager wants to transition the organization to a zero trust architecture. To meet this requirement, the security manager has instructed administrators to remove trusted zones, role-based access, and one-time authentication. Which of the following will need to be implemented to achieve this objective? (Choose three.) (A) Least privilege (B) VPN (C) Policy automation (D) PKI (E) Firewall (F) Continuous validation (G) Continuous integration (H) IaaS |
18. Click here to View Answer
Answer: ABD
| Question.19 Which of the following is required for an organization to meet the ISO 27018 standard? (A) All PII must be encrypted. (B) All network traffic must be inspected. (C) GDPR equivalent standards must be met. (D) COBIT equivalent standards must be met. |
19. Click here to View Answer
Answer: A
| Question.20 An organization is in frequent litigation and has a large number of legal holds. Which of the following types of functionality should the organization’s new email system provide? (A) DLP (B) Encryption (C) E-discovery (D) Privacy-level agreements |
20. Click here to View Answer
Answer: C